cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Return a correct error if a composite oAuth AS can not find the right service
Date Mon, 08 Feb 2016 12:05:51 GMT
Repository: cxf
Updated Branches:
  refs/heads/master f8834cf0d -> 81f1f76a7


Return a correct error if a composite oAuth AS can not find the right service


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/81f1f76a
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/81f1f76a
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/81f1f76a

Branch: refs/heads/master
Commit: 81f1f76a71b23a38798b4dc6e266a707f8e0e44b
Parents: f8834cf
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Mon Feb 8 12:05:34 2016 +0000
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Mon Feb 8 12:05:34 2016 +0000

----------------------------------------------------------------------
 .../oauth2/services/AuthorizationService.java   | 34 +++++++++++++++-----
 1 file changed, 26 insertions(+), 8 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/81f1f76a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationService.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationService.java
index 376f74d..6f98b85 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationService.java
@@ -34,7 +34,8 @@ import javax.ws.rs.core.MultivaluedMap;
 import javax.ws.rs.core.Response;
 
 import org.apache.cxf.jaxrs.ext.MessageContext;
-import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
+import org.apache.cxf.jaxrs.utils.JAXRSUtils;
+import org.apache.cxf.rs.security.oauth2.common.OAuthError;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 
 @Path("authorize")
@@ -52,13 +53,23 @@ public class AuthorizationService {
     @GET
     @Produces({"application/xhtml+xml", "text/html", "application/xml", "application/json"
})
     public Response authorize(@QueryParam(OAuthConstants.RESPONSE_TYPE) String responseType)
{
-        return getService(responseType).authorize();
+        RedirectionBasedGrantService service = getService(responseType);
+        if (service != null) {
+            return service.authorize();
+        } else {
+            return reportInvalidResponseType();
+        }
     }
     
     @GET
     @Path("/decision")
     public Response authorizeDecision(@QueryParam(OAuthConstants.RESPONSE_TYPE) String responseType)
{
-        return getService(responseType).authorizeDecision();
+        RedirectionBasedGrantService service = getService(responseType);
+        if (service != null) {
+            return service.authorizeDecision();
+        } else {
+            return reportInvalidResponseType();
+        }
     }
     
     /**
@@ -70,14 +81,16 @@ public class AuthorizationService {
     @Consumes("application/x-www-form-urlencoded")
     public Response authorizeDecisionForm(MultivaluedMap<String, String> params) {
         String responseType = params.getFirst(OAuthConstants.RESPONSE_TYPE);
-        return getService(responseType).authorizeDecisionForm(params);
+        RedirectionBasedGrantService service = getService(responseType);
+        if (service != null) {
+            return service.authorizeDecisionForm(params);
+        } else {
+            return reportInvalidResponseType();
+        }
     }
     
     private RedirectionBasedGrantService getService(String responseType) {
-        if (responseType == null || !servicesMap.containsKey(responseType)) {
-            throw new OAuthServiceException(OAuthConstants.INVALID_REQUEST);
-        }
-        return servicesMap.get(responseType);
+        return responseType == null ? null : servicesMap.get(responseType);
     }
     
     public void setServices(List<RedirectionBasedGrantService> services) {
@@ -88,4 +101,9 @@ public class AuthorizationService {
         }
         
     }
+    
+    protected Response reportInvalidResponseType() {
+        return JAXRSUtils.toResponseBuilder(400)
+            .type("application/json").entity(new OAuthError(OAuthConstants.UNSUPPORTED_RESPONSE_TYPE)).build();
+    }
 }


Mime
View raw message